SlideShare a Scribd company logo

Building Secure Connected Devices with IoT Security Best Practices

Download as PPT, PDF
IndicThreads
IndicThreads

Presented at the IndicThreads.com Software Development Conference 2016 held in Pune, India. More at http://www.IndicThreads.com and http://Pune16.IndicThreads.com --

Devices & Hardware
1 of 48
Building Secure Connected Devices Kedar Sovani
Who am I? • IoT @ Marvell for 7 years • 1st Apple HomeKit SDK, 1st Google Weave on μC • Powering millions of Wi-Fi IoT devices in the field
Anywhere and Everywhere
Google for the term IoT Security
Result Type I: Doomsday Hacking Scenarios
Yes, security is a concern • Increased surface area for attacks • Connects to the physical world around us • Newer and tinier hardware • Newer developers
Courtesy: Darkreading.com Result Type II: Buy Our Product
But How Do I Build for Security?
Secure By Design
Device Interactions #1
Remote Access
Standards! • No home-grown security schemes • Rely on established security standards #2
TLS • Transport Layer Security • Certificate-based Server Authentication • Secure Key Exchange • Encrypted Channel • Certificate-based Device Authentication • Secures Bank Transactions
Technology Advancements • Hardware Capability • Memory • CPU • Strong Software • Many Open Source implementations
Courtesy: Ars Technica An interesting search engine
Malformed Content? • What about: malware/viruses? • Communicate with known server • controller by known entities • Write protection
Local Access
Local Network • Acts as a client for outside world • router firewall • Encrypted traffic at the MAC layer • Requires Password/Certificate for access (explicit delegation)
Switch Network? • Remember AP Security • Force physical access to reset-to-factory
New Device Setup? New Device Setup?
Authenticate the other endpoint! #3
Authenticate the other endpoint!
Compromised User • Guest access to the network? • Malware on user’s phone? • Additional Cryptographic layers on top of the MAC layer • User Management
Tradeoff
Physical Access
Physical modification • Change the server address/keys? • Change the firmware? • Trusted Boot • Signed Firmware • Encryption
Device Phishing • Completely change the device? • Device Authentication – PKI
Zarro Boogs Found! • Firmware upgradeability • Connectivity Bonus: evolving appliances • Fix security vulnerabilities • Possible attack vector 
Scrutinize #4
@kedarsovani Thank You!

Recommended

IoT testing and quality assurance indicthreads
IoT testing and quality assurance indicthreadsIoT testing and quality assurance indicthreads
IoT testing and quality assurance indicthreadsIndicThreads
 
IoT Best Practices: Unit Testing
IoT Best Practices: Unit TestingIoT Best Practices: Unit Testing
IoT Best Practices: Unit Testingfarmckon
 
Top IOT Testing Challenges Webinar with Jon Hagar
Top IOT Testing Challenges Webinar with Jon HagarTop IOT Testing Challenges Webinar with Jon Hagar
Top IOT Testing Challenges Webinar with Jon HagarXBOSoft
 
Internet Of Things
Internet Of ThingsInternet Of Things
Internet Of ThingsVodqaBLR
 
Testing IoT Apps with the Cloud
Testing IoT Apps with the CloudTesting IoT Apps with the Cloud
Testing IoT Apps with the CloudJosiah Renaudin
 
Internet of Things and Quality Assurance
Internet of Things and Quality AssuranceInternet of Things and Quality Assurance
Internet of Things and Quality AssuranceKhubaib Rehman
 
Atagg2015 iot internet of things - get ready to test the connected future ata...
Atagg2015 iot internet of things - get ready to test the connected future ata...Atagg2015 iot internet of things - get ready to test the connected future ata...
Atagg2015 iot internet of things - get ready to test the connected future ata...Agile Testing Alliance
 
A Pragmatic Reference Architecture for The Internet of Things
A Pragmatic Reference Architecture for The Internet of ThingsA Pragmatic Reference Architecture for The Internet of Things
A Pragmatic Reference Architecture for The Internet of ThingsRick G. Garibay
 

Recommended

IoT testing and quality assurance indicthreads
IoT testing and quality assurance indicthreadsIoT testing and quality assurance indicthreads
IoT testing and quality assurance indicthreadsIndicThreads
 
IoT Best Practices: Unit Testing
IoT Best Practices: Unit TestingIoT Best Practices: Unit Testing
IoT Best Practices: Unit Testingfarmckon
 
Top IOT Testing Challenges Webinar with Jon Hagar
Top IOT Testing Challenges Webinar with Jon HagarTop IOT Testing Challenges Webinar with Jon Hagar
Top IOT Testing Challenges Webinar with Jon HagarXBOSoft
 
Internet Of Things
Internet Of ThingsInternet Of Things
Internet Of ThingsVodqaBLR
 
Testing IoT Apps with the Cloud
Testing IoT Apps with the CloudTesting IoT Apps with the Cloud
Testing IoT Apps with the CloudJosiah Renaudin
 
Internet of Things and Quality Assurance
Internet of Things and Quality AssuranceInternet of Things and Quality Assurance
Internet of Things and Quality AssuranceKhubaib Rehman
 
Atagg2015 iot internet of things - get ready to test the connected future ata...
Atagg2015 iot internet of things - get ready to test the connected future ata...Atagg2015 iot internet of things - get ready to test the connected future ata...
Atagg2015 iot internet of things - get ready to test the connected future ata...Agile Testing Alliance
 
A Pragmatic Reference Architecture for The Internet of Things
A Pragmatic Reference Architecture for The Internet of ThingsA Pragmatic Reference Architecture for The Internet of Things
A Pragmatic Reference Architecture for The Internet of ThingsRick G. Garibay
 
Stc 2016 regional-round-iot testing in agile.
Stc 2016 regional-round-iot testing in agile.Stc 2016 regional-round-iot testing in agile.
Stc 2016 regional-round-iot testing in agile.Archana Krushnan
 
IoT Introduction Architecture and Applications
IoT Introduction Architecture and ApplicationsIoT Introduction Architecture and Applications
IoT Introduction Architecture and ApplicationsThe IOT Academy
 
Mobile and IoT testing
Mobile and IoT testingMobile and IoT testing
Mobile and IoT testingLangoor Clients
 
IoTSummit - Introduction to IoT Hub
IoTSummit - Introduction to IoT HubIoTSummit - Introduction to IoT Hub
IoTSummit - Introduction to IoT HubMarco Silva
 
Azure IoT Hub
Azure IoT HubAzure IoT Hub
Azure IoT HubWinWire Technologies Inc
 
Ibm_IoT_Architecture_and_Capabilities
Ibm_IoT_Architecture_and_CapabilitiesIbm_IoT_Architecture_and_Capabilities
Ibm_IoT_Architecture_and_CapabilitiesIBM_Info_Management
 
IoT Node-Red Presentation
IoT Node-Red PresentationIoT Node-Red Presentation
IoT Node-Red PresentationThe IOT Academy
 
Using an Open Source RESTful Backend for IoT Applications
Using an Open Source RESTful Backend for IoT ApplicationsUsing an Open Source RESTful Backend for IoT Applications
Using an Open Source RESTful Backend for IoT ApplicationsJan Liband
 
An IoT gateway centric architecture to provide novel m2m services
An IoT gateway centric architecture to provide novel m2m servicesAn IoT gateway centric architecture to provide novel m2m services
An IoT gateway centric architecture to provide novel m2m servicesSoumya Kanti Datta
 
Architectural Patterns in IoT Cloud Platforms
Architectural Patterns in IoT Cloud PlatformsArchitectural Patterns in IoT Cloud Platforms
Architectural Patterns in IoT Cloud PlatformsRoshan Kulkarni
 
IoT on Azure
IoT on AzureIoT on Azure
IoT on AzureVinoth Rajagopalan
 
Demystifying Internet of Things with Azure IoT Suite
Demystifying Internet of Things with Azure IoT SuiteDemystifying Internet of Things with Azure IoT Suite
Demystifying Internet of Things with Azure IoT SuiteWinWire Technologies Inc
 
Business Transformation with Microsoft Azure IoT
Business Transformation with Microsoft Azure IoTBusiness Transformation with Microsoft Azure IoT
Business Transformation with Microsoft Azure IoTIlyas F ☁☁☁
 
Internet of things (IoT) with Azure
Internet of things (IoT) with AzureInternet of things (IoT) with Azure
Internet of things (IoT) with AzureVinoth Rajagopalan
 
Global Azure boot camp 2015 - Microsoft IoT Solutions with Azure
Global Azure boot camp 2015 - Microsoft IoT Solutions with AzureGlobal Azure boot camp 2015 - Microsoft IoT Solutions with Azure
Global Azure boot camp 2015 - Microsoft IoT Solutions with AzureVinoth Rajagopalan
 
Devising a practical approach to the Internet of Things
Devising a practical approach to the Internet of ThingsDevising a practical approach to the Internet of Things
Devising a practical approach to the Internet of ThingsGordon Haff
 
Connecting IoT devices to Azure
Connecting IoT devices to AzureConnecting IoT devices to Azure
Connecting IoT devices to AzureGuy Barrette
 
IoT on the Edge
IoT on the EdgeIoT on the Edge
IoT on the EdgeFIWARE
 
DotNetToscana - Azure IoT Hub - Il Concentratore
DotNetToscana - Azure IoT Hub - Il ConcentratoreDotNetToscana - Azure IoT Hub - Il Concentratore
DotNetToscana - Azure IoT Hub - Il ConcentratoreRiccardo Cappello
 
At8000 s configuracao de gerenciamento
At8000 s configuracao de gerenciamentoAt8000 s configuracao de gerenciamento
At8000 s configuracao de gerenciamentoNetPlus
 
Analysing digipaks 3
Analysing digipaks 3Analysing digipaks 3
Analysing digipaks 3JoshWilliamson14
 
At8000 s configurando vlan avancado
At8000 s configurando vlan avancadoAt8000 s configurando vlan avancado
At8000 s configurando vlan avancadoNetPlus
 

More Related Content

What's hot

Stc 2016 regional-round-iot testing in agile.
Stc 2016 regional-round-iot testing in agile.Stc 2016 regional-round-iot testing in agile.
Stc 2016 regional-round-iot testing in agile.Archana Krushnan
 
IoT Introduction Architecture and Applications
IoT Introduction Architecture and ApplicationsIoT Introduction Architecture and Applications
IoT Introduction Architecture and ApplicationsThe IOT Academy
 
IoTSummit - Introduction to IoT Hub
IoTSummit - Introduction to IoT HubIoTSummit - Introduction to IoT Hub
IoTSummit - Introduction to IoT HubMarco Silva
 
Ibm_IoT_Architecture_and_Capabilities
Ibm_IoT_Architecture_and_CapabilitiesIbm_IoT_Architecture_and_Capabilities
Ibm_IoT_Architecture_and_CapabilitiesIBM_Info_Management
 
IoT Node-Red Presentation
IoT Node-Red PresentationIoT Node-Red Presentation
IoT Node-Red PresentationThe IOT Academy
 
Using an Open Source RESTful Backend for IoT Applications
Using an Open Source RESTful Backend for IoT ApplicationsUsing an Open Source RESTful Backend for IoT Applications
Using an Open Source RESTful Backend for IoT ApplicationsJan Liband
 
An IoT gateway centric architecture to provide novel m2m services
An IoT gateway centric architecture to provide novel m2m servicesAn IoT gateway centric architecture to provide novel m2m services
An IoT gateway centric architecture to provide novel m2m servicesSoumya Kanti Datta
 
Architectural Patterns in IoT Cloud Platforms
Architectural Patterns in IoT Cloud PlatformsArchitectural Patterns in IoT Cloud Platforms
Architectural Patterns in IoT Cloud PlatformsRoshan Kulkarni
 
Demystifying Internet of Things with Azure IoT Suite
Demystifying Internet of Things with Azure IoT SuiteDemystifying Internet of Things with Azure IoT Suite
Demystifying Internet of Things with Azure IoT SuiteWinWire Technologies Inc
 
Business Transformation with Microsoft Azure IoT
Business Transformation with Microsoft Azure IoTBusiness Transformation with Microsoft Azure IoT
Business Transformation with Microsoft Azure IoTIlyas F ☁☁☁
 
Internet of things (IoT) with Azure
Internet of things (IoT) with AzureInternet of things (IoT) with Azure
Internet of things (IoT) with AzureVinoth Rajagopalan
 
Global Azure boot camp 2015 - Microsoft IoT Solutions with Azure
Global Azure boot camp 2015 - Microsoft IoT Solutions with AzureGlobal Azure boot camp 2015 - Microsoft IoT Solutions with Azure
Global Azure boot camp 2015 - Microsoft IoT Solutions with AzureVinoth Rajagopalan
 
Devising a practical approach to the Internet of Things
Devising a practical approach to the Internet of ThingsDevising a practical approach to the Internet of Things
Devising a practical approach to the Internet of ThingsGordon Haff
 
Connecting IoT devices to Azure
Connecting IoT devices to AzureConnecting IoT devices to Azure
Connecting IoT devices to AzureGuy Barrette
 
IoT on the Edge
IoT on the EdgeIoT on the Edge
IoT on the EdgeFIWARE
 
DotNetToscana - Azure IoT Hub - Il Concentratore
DotNetToscana - Azure IoT Hub - Il ConcentratoreDotNetToscana - Azure IoT Hub - Il Concentratore
DotNetToscana - Azure IoT Hub - Il ConcentratoreRiccardo Cappello
 

What's hot (19)

Stc 2016 regional-round-iot testing in agile.
Stc 2016 regional-round-iot testing in agile.Stc 2016 regional-round-iot testing in agile.
Stc 2016 regional-round-iot testing in agile.
 
IoT Introduction Architecture and Applications
IoT Introduction Architecture and ApplicationsIoT Introduction Architecture and Applications
IoT Introduction Architecture and Applications
 
Mobile and IoT testing
Mobile and IoT testingMobile and IoT testing
Mobile and IoT testing
 
IoTSummit - Introduction to IoT Hub
IoTSummit - Introduction to IoT HubIoTSummit - Introduction to IoT Hub
IoTSummit - Introduction to IoT Hub
 
Azure IoT Hub
Azure IoT HubAzure IoT Hub
Azure IoT Hub
 
Ibm_IoT_Architecture_and_Capabilities
Ibm_IoT_Architecture_and_CapabilitiesIbm_IoT_Architecture_and_Capabilities
Ibm_IoT_Architecture_and_Capabilities
 
IoT Node-Red Presentation
IoT Node-Red PresentationIoT Node-Red Presentation
IoT Node-Red Presentation
 
Using an Open Source RESTful Backend for IoT Applications
Using an Open Source RESTful Backend for IoT ApplicationsUsing an Open Source RESTful Backend for IoT Applications
Using an Open Source RESTful Backend for IoT Applications
 
An IoT gateway centric architecture to provide novel m2m services
An IoT gateway centric architecture to provide novel m2m servicesAn IoT gateway centric architecture to provide novel m2m services
An IoT gateway centric architecture to provide novel m2m services
 
Architectural Patterns in IoT Cloud Platforms
Architectural Patterns in IoT Cloud PlatformsArchitectural Patterns in IoT Cloud Platforms
Architectural Patterns in IoT Cloud Platforms
 
IoT on Azure
IoT on AzureIoT on Azure
IoT on Azure
 
Demystifying Internet of Things with Azure IoT Suite
Demystifying Internet of Things with Azure IoT SuiteDemystifying Internet of Things with Azure IoT Suite
Demystifying Internet of Things with Azure IoT Suite
 
Business Transformation with Microsoft Azure IoT
Business Transformation with Microsoft Azure IoTBusiness Transformation with Microsoft Azure IoT
Business Transformation with Microsoft Azure IoT
 
Internet of things (IoT) with Azure
Internet of things (IoT) with AzureInternet of things (IoT) with Azure
Internet of things (IoT) with Azure
 
Global Azure boot camp 2015 - Microsoft IoT Solutions with Azure
Global Azure boot camp 2015 - Microsoft IoT Solutions with AzureGlobal Azure boot camp 2015 - Microsoft IoT Solutions with Azure
Global Azure boot camp 2015 - Microsoft IoT Solutions with Azure
 
Devising a practical approach to the Internet of Things
Devising a practical approach to the Internet of ThingsDevising a practical approach to the Internet of Things
Devising a practical approach to the Internet of Things
 
Connecting IoT devices to Azure
Connecting IoT devices to AzureConnecting IoT devices to Azure
Connecting IoT devices to Azure
 
IoT on the Edge
IoT on the EdgeIoT on the Edge
IoT on the Edge
 
DotNetToscana - Azure IoT Hub - Il Concentratore
DotNetToscana - Azure IoT Hub - Il ConcentratoreDotNetToscana - Azure IoT Hub - Il Concentratore
DotNetToscana - Azure IoT Hub - Il Concentratore
 

Viewers also liked

At8000 s configuracao de gerenciamento
At8000 s configuracao de gerenciamentoAt8000 s configuracao de gerenciamento
At8000 s configuracao de gerenciamentoNetPlus
 
At8000 s configurando vlan avancado
At8000 s configurando vlan avancadoAt8000 s configurando vlan avancado
At8000 s configurando vlan avancadoNetPlus
 
Marvell Plug Computer 3.0- David Novak (TheGadgetGUYcolumn.com)
Marvell Plug Computer 3.0- David Novak (TheGadgetGUYcolumn.com)Marvell Plug Computer 3.0- David Novak (TheGadgetGUYcolumn.com)
Marvell Plug Computer 3.0- David Novak (TheGadgetGUYcolumn.com)motiondynamicsgadgetguy
 
At8000 s caracteristicas gerais
At8000 s caracteristicas geraisAt8000 s caracteristicas gerais
At8000 s caracteristicas geraisNetPlus
 
Real world IoT for enterprises
Real world IoT for enterprisesReal world IoT for enterprises
Real world IoT for enterprisesIndicThreads
 
How Marvell Semiconductor Implemented Executive Dashboards in 17 Countries in...
How Marvell Semiconductor Implemented Executive Dashboards in 17 Countries in...How Marvell Semiconductor Implemented Executive Dashboards in 17 Countries in...
How Marvell Semiconductor Implemented Executive Dashboards in 17 Countries in...Polaris Associates
 
At8000 s arquitetura de empilhamento
At8000 s arquitetura de empilhamentoAt8000 s arquitetura de empilhamento
At8000 s arquitetura de empilhamentoNetPlus
 
Maxim zap cv_asic_backend_04_13
Maxim zap cv_asic_backend_04_13Maxim zap cv_asic_backend_04_13
Maxim zap cv_asic_backend_04_13Maxim Zap
 
ITC 2015 - Marvell Present : "Improving Quality and Yield Through Optimal+ Bi...
ITC 2015 - Marvell Present : "Improving Quality and Yield Through Optimal+ Bi...ITC 2015 - Marvell Present : "Improving Quality and Yield Through Optimal+ Bi...
ITC 2015 - Marvell Present : "Improving Quality and Yield Through Optimal+ Bi...OptimalPlus
 
Summit 16: ARM Mini-Summit - NFV for the Masses - Marvell
Summit 16: ARM Mini-Summit - NFV for the Masses - MarvellSummit 16: ARM Mini-Summit - NFV for the Masses - Marvell
Summit 16: ARM Mini-Summit - NFV for the Masses - MarvellOPNFV
 
WiFi (IEEE 802.11 WLAN) Patents for Standard Ranking
WiFi (IEEE 802.11 WLAN) Patents for Standard RankingWiFi (IEEE 802.11 WLAN) Patents for Standard Ranking
WiFi (IEEE 802.11 WLAN) Patents for Standard RankingAlex G. Lee, Ph.D. Esq. CLP
 

Viewers also liked (13)

At8000 s configuracao de gerenciamento
At8000 s configuracao de gerenciamentoAt8000 s configuracao de gerenciamento
At8000 s configuracao de gerenciamento
 
Analysing digipaks 3
Analysing digipaks 3Analysing digipaks 3
Analysing digipaks 3
 
At8000 s configurando vlan avancado
At8000 s configurando vlan avancadoAt8000 s configurando vlan avancado
At8000 s configurando vlan avancado
 
Marvell Plug Computer 3.0- David Novak (TheGadgetGUYcolumn.com)
Marvell Plug Computer 3.0- David Novak (TheGadgetGUYcolumn.com)Marvell Plug Computer 3.0- David Novak (TheGadgetGUYcolumn.com)
Marvell Plug Computer 3.0- David Novak (TheGadgetGUYcolumn.com)
 
At8000 s caracteristicas gerais
At8000 s caracteristicas geraisAt8000 s caracteristicas gerais
At8000 s caracteristicas gerais
 
Case Study: Marvell
Case Study: MarvellCase Study: Marvell
Case Study: Marvell
 
Real world IoT for enterprises
Real world IoT for enterprisesReal world IoT for enterprises
Real world IoT for enterprises
 
How Marvell Semiconductor Implemented Executive Dashboards in 17 Countries in...
How Marvell Semiconductor Implemented Executive Dashboards in 17 Countries in...How Marvell Semiconductor Implemented Executive Dashboards in 17 Countries in...
How Marvell Semiconductor Implemented Executive Dashboards in 17 Countries in...
 
At8000 s arquitetura de empilhamento
At8000 s arquitetura de empilhamentoAt8000 s arquitetura de empilhamento
At8000 s arquitetura de empilhamento
 
Maxim zap cv_asic_backend_04_13
Maxim zap cv_asic_backend_04_13Maxim zap cv_asic_backend_04_13
Maxim zap cv_asic_backend_04_13
 
ITC 2015 - Marvell Present : "Improving Quality and Yield Through Optimal+ Bi...
ITC 2015 - Marvell Present : "Improving Quality and Yield Through Optimal+ Bi...ITC 2015 - Marvell Present : "Improving Quality and Yield Through Optimal+ Bi...
ITC 2015 - Marvell Present : "Improving Quality and Yield Through Optimal+ Bi...
 
Summit 16: ARM Mini-Summit - NFV for the Masses - Marvell
Summit 16: ARM Mini-Summit - NFV for the Masses - MarvellSummit 16: ARM Mini-Summit - NFV for the Masses - Marvell
Summit 16: ARM Mini-Summit - NFV for the Masses - Marvell
 
WiFi (IEEE 802.11 WLAN) Patents for Standard Ranking
WiFi (IEEE 802.11 WLAN) Patents for Standard RankingWiFi (IEEE 802.11 WLAN) Patents for Standard Ranking
WiFi (IEEE 802.11 WLAN) Patents for Standard Ranking
 

Similar to Building Secure Connected Devices with IoT Security Best Practices

Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World
Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected WorldJakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World
Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected WorldCodiax
 
Creating secure apps using the salesforce mobile sdk
Creating secure apps using the salesforce mobile sdkCreating secure apps using the salesforce mobile sdk
Creating secure apps using the salesforce mobile sdkMartin Vigo
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Positive Hack Days
 
Beginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st SessionBeginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st Sessionveerababu penugonda(Mr-IoT)
 
The Internet of Things and You - A Developers Guide to IoT
The Internet of Things and You - A Developers Guide to IoTThe Internet of Things and You - A Developers Guide to IoT
The Internet of Things and You - A Developers Guide to IoTJim McKeeth
 
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet ChallengeWSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet ChallengeWSO2
 
Hack one iot device, break them all!
Hack one iot device, break them all!Hack one iot device, break them all!
Hack one iot device, break them all!Justin Black
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranKoenig Solutions Ltd.
 
Geek Night 15.0 - Touring the Dark-Side of the Internet
Geek Night 15.0 - Touring the Dark-Side of the InternetGeek Night 15.0 - Touring the Dark-Side of the Internet
Geek Night 15.0 - Touring the Dark-Side of the InternetGeekNightHyderabad
 
社会におけるIoTとセキュリティ、匿名化技術: 産業IoTのサイバーセキュリティ技術
社会におけるIoTとセキュリティ、匿名化技術: 産業IoTのサイバーセキュリティ技術社会におけるIoTとセキュリティ、匿名化技術: 産業IoTのサイバーセキュリティ技術
社会におけるIoTとセキュリティ、匿名化技術: 産業IoTのサイバーセキュリティ技術ハイシンク創研 / Laboratory of Hi-Think Corporation
 
How to create a secure IoT device
How to create a secure IoT deviceHow to create a secure IoT device
How to create a secure IoT deviceAbhijeet Rane
 
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)HITCON GIRLS
 
IoT Vulnerability Analysis and IOT In security Controls
IoT Vulnerability Analysis and IOT In security ControlsIoT Vulnerability Analysis and IOT In security Controls
IoT Vulnerability Analysis and IOT In security ControlsJay Nagar
 
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...ClicTest
 
IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythSecurity Innovation
 
Man in the Binder
Man in the BinderMan in the Binder
Man in the Bindernitayart
 
IoT World - creating a secure robust IoT reference architecture
IoT World - creating a secure robust IoT reference architectureIoT World - creating a secure robust IoT reference architecture
IoT World - creating a secure robust IoT reference architecturePaul Fremantle
 
A Reference Architecture for IoT: How to create a resilient, secure IoT cloud
A Reference Architecture for IoT: How to create a resilient, secure IoT cloudA Reference Architecture for IoT: How to create a resilient, secure IoT cloud
A Reference Architecture for IoT: How to create a resilient, secure IoT cloudWSO2
 
Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & DockerTouring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & DockerAbhinav Biswas
 

Similar to Building Secure Connected Devices with IoT Security Best Practices (20)

Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World
Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected WorldJakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World
Jakub Bartoszek (Samsung Electronics) - Hardware Security in Connected World
 
Creating secure apps using the salesforce mobile sdk
Creating secure apps using the salesforce mobile sdkCreating secure apps using the salesforce mobile sdk
Creating secure apps using the salesforce mobile sdk
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
 
Beginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st SessionBeginner’s Guide on How to Start Exploring IoT Security 1st Session
Beginner’s Guide on How to Start Exploring IoT Security 1st Session
 
The Internet of Things and You - A Developers Guide to IoT
The Internet of Things and You - A Developers Guide to IoTThe Internet of Things and You - A Developers Guide to IoT
The Internet of Things and You - A Developers Guide to IoT
 
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet ChallengeWSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
WSO2Con EU 2015: Keynote - The Identity of Things: The Next Internet Challenge
 
Hack one iot device, break them all!
Hack one iot device, break them all!Hack one iot device, break them all!
Hack one iot device, break them all!
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.Prabhakaran
 
Geek Night 15.0 - Touring the Dark-Side of the Internet
Geek Night 15.0 - Touring the Dark-Side of the InternetGeek Night 15.0 - Touring the Dark-Side of the Internet
Geek Night 15.0 - Touring the Dark-Side of the Internet
 
社会におけるIoTとセキュリティ、匿名化技術: 産業IoTのサイバーセキュリティ技術
社会におけるIoTとセキュリティ、匿名化技術: 産業IoTのサイバーセキュリティ技術社会におけるIoTとセキュリティ、匿名化技術: 産業IoTのサイバーセキュリティ技術
社会におけるIoTとセキュリティ、匿名化技術: 産業IoTのサイバーセキュリティ技術
 
How to create a secure IoT device
How to create a secure IoT deviceHow to create a secure IoT device
How to create a secure IoT device
 
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
 
IoT Vulnerability Analysis and IOT In security Controls
IoT Vulnerability Analysis and IOT In security ControlsIoT Vulnerability Analysis and IOT In security Controls
IoT Vulnerability Analysis and IOT In security Controls
 
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
 
IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" Myth
 
Man in the Binder
Man in the BinderMan in the Binder
Man in the Binder
 
IoT World - creating a secure robust IoT reference architecture
IoT World - creating a secure robust IoT reference architectureIoT World - creating a secure robust IoT reference architecture
IoT World - creating a secure robust IoT reference architecture
 
A Reference Architecture for IoT: How to create a resilient, secure IoT cloud
A Reference Architecture for IoT: How to create a resilient, secure IoT cloudA Reference Architecture for IoT: How to create a resilient, secure IoT cloud
A Reference Architecture for IoT: How to create a resilient, secure IoT cloud
 
IoT security
IoT securityIoT security
IoT security
 
Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & DockerTouring the Dark Side of Internet: A Journey through IOT, TOR & Docker
Touring the Dark Side of Internet: A Journey through IOT, TOR & Docker
 

More from IndicThreads

Http2 is here! And why the web needs it
Http2 is here! And why the web needs itHttp2 is here! And why the web needs it
Http2 is here! And why the web needs itIndicThreads
 
Understanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
Understanding Bitcoin (Blockchain) and its Potential for Disruptive ApplicationsUnderstanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
Understanding Bitcoin (Blockchain) and its Potential for Disruptive ApplicationsIndicThreads
 
Go Programming Language - Learning The Go Lang way
Go Programming Language - Learning The Go Lang wayGo Programming Language - Learning The Go Lang way
Go Programming Language - Learning The Go Lang wayIndicThreads
 
Building Resilient Microservices
Building Resilient Microservices Building Resilient Microservices
Building Resilient Microservices IndicThreads
 
App using golang indicthreads
App using golang indicthreadsApp using golang indicthreads
App using golang indicthreadsIndicThreads
 
Building on quicksand microservices indicthreads
Building on quicksand microservices indicthreadsBuilding on quicksand microservices indicthreads
Building on quicksand microservices indicthreadsIndicThreads
 
How to Think in RxJava Before Reacting
How to Think in RxJava Before ReactingHow to Think in RxJava Before Reacting
How to Think in RxJava Before ReactingIndicThreads
 
Functional Programming Past Present Future
Functional Programming Past Present FutureFunctional Programming Past Present Future
Functional Programming Past Present FutureIndicThreads
 
Harnessing the Power of Java 8 Streams
Harnessing the Power of Java 8 Streams Harnessing the Power of Java 8 Streams
Harnessing the Power of Java 8 Streams IndicThreads
 
Building & scaling a live streaming mobile platform - Gr8 road to fame
Building & scaling a live streaming mobile platform - Gr8 road to fameBuilding & scaling a live streaming mobile platform - Gr8 road to fame
Building & scaling a live streaming mobile platform - Gr8 road to fameIndicThreads
 
Internet of things architecture perspective - IndicThreads Conference
Internet of things architecture perspective - IndicThreads ConferenceInternet of things architecture perspective - IndicThreads Conference
Internet of things architecture perspective - IndicThreads ConferenceIndicThreads
 
Cars and Computers: Building a Java Carputer
Cars and Computers: Building a Java Carputer Cars and Computers: Building a Java Carputer
Cars and Computers: Building a Java CarputerIndicThreads
 
Scrap Your MapReduce - Apache Spark
Scrap Your MapReduce - Apache Spark Scrap Your MapReduce - Apache Spark
Scrap Your MapReduce - Apache SparkIndicThreads
 
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & DockerIndicThreads
 
Speed up your build pipeline for faster feedback
Speed up your build pipeline for faster feedbackSpeed up your build pipeline for faster feedback
Speed up your build pipeline for faster feedbackIndicThreads
 
Unraveling OpenStack Clouds
Unraveling OpenStack Clouds Unraveling OpenStack Clouds
Unraveling OpenStack CloudsIndicThreads
 
Digital Transformation of the Enterprise. What IT leaders need to know!
Digital Transformation of the Enterprise. What IT leaders need to know!Digital Transformation of the Enterprise. What IT leaders need to know!
Digital Transformation of the Enterprise. What IT leaders need to know!IndicThreads
 
Architectural Considerations For Complex Mobile And Web Applications
Architectural Considerations For Complex Mobile And Web Applications Architectural Considerations For Complex Mobile And Web Applications
Architectural Considerations For Complex Mobile And Web ApplicationsIndicThreads
 
Functional Programming With Lambdas and Streams in JDK8
Functional Programming With Lambdas and Streams in JDK8 Functional Programming With Lambdas and Streams in JDK8
Functional Programming With Lambdas and Streams in JDK8IndicThreads
 
Changing application demands: What developers need to know
Changing application demands: What developers need to knowChanging application demands: What developers need to know
Changing application demands: What developers need to knowIndicThreads
 

More from IndicThreads (20)

Http2 is here! And why the web needs it
Http2 is here! And why the web needs itHttp2 is here! And why the web needs it
Http2 is here! And why the web needs it
 
Understanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
Understanding Bitcoin (Blockchain) and its Potential for Disruptive ApplicationsUnderstanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
Understanding Bitcoin (Blockchain) and its Potential for Disruptive Applications
 
Go Programming Language - Learning The Go Lang way
Go Programming Language - Learning The Go Lang wayGo Programming Language - Learning The Go Lang way
Go Programming Language - Learning The Go Lang way
 
Building Resilient Microservices
Building Resilient Microservices Building Resilient Microservices
Building Resilient Microservices
 
App using golang indicthreads
App using golang indicthreadsApp using golang indicthreads
App using golang indicthreads
 
Building on quicksand microservices indicthreads
Building on quicksand microservices indicthreadsBuilding on quicksand microservices indicthreads
Building on quicksand microservices indicthreads
 
How to Think in RxJava Before Reacting
How to Think in RxJava Before ReactingHow to Think in RxJava Before Reacting
How to Think in RxJava Before Reacting
 
Functional Programming Past Present Future
Functional Programming Past Present FutureFunctional Programming Past Present Future
Functional Programming Past Present Future
 
Harnessing the Power of Java 8 Streams
Harnessing the Power of Java 8 Streams Harnessing the Power of Java 8 Streams
Harnessing the Power of Java 8 Streams
 
Building & scaling a live streaming mobile platform - Gr8 road to fame
Building & scaling a live streaming mobile platform - Gr8 road to fameBuilding & scaling a live streaming mobile platform - Gr8 road to fame
Building & scaling a live streaming mobile platform - Gr8 road to fame
 
Internet of things architecture perspective - IndicThreads Conference
Internet of things architecture perspective - IndicThreads ConferenceInternet of things architecture perspective - IndicThreads Conference
Internet of things architecture perspective - IndicThreads Conference
 
Cars and Computers: Building a Java Carputer
Cars and Computers: Building a Java Carputer Cars and Computers: Building a Java Carputer
Cars and Computers: Building a Java Carputer
 
Scrap Your MapReduce - Apache Spark
Scrap Your MapReduce - Apache Spark Scrap Your MapReduce - Apache Spark
Scrap Your MapReduce - Apache Spark
 
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker
Continuous Integration (CI) and Continuous Delivery (CD) using Jenkins & Docker
 
Speed up your build pipeline for faster feedback
Speed up your build pipeline for faster feedbackSpeed up your build pipeline for faster feedback
Speed up your build pipeline for faster feedback
 
Unraveling OpenStack Clouds
Unraveling OpenStack Clouds Unraveling OpenStack Clouds
Unraveling OpenStack Clouds
 
Digital Transformation of the Enterprise. What IT leaders need to know!
Digital Transformation of the Enterprise. What IT leaders need to know!Digital Transformation of the Enterprise. What IT leaders need to know!
Digital Transformation of the Enterprise. What IT leaders need to know!
 
Architectural Considerations For Complex Mobile And Web Applications
Architectural Considerations For Complex Mobile And Web Applications Architectural Considerations For Complex Mobile And Web Applications
Architectural Considerations For Complex Mobile And Web Applications
 
Functional Programming With Lambdas and Streams in JDK8
Functional Programming With Lambdas and Streams in JDK8 Functional Programming With Lambdas and Streams in JDK8
Functional Programming With Lambdas and Streams in JDK8
 
Changing application demands: What developers need to know
Changing application demands: What developers need to knowChanging application demands: What developers need to know
Changing application demands: What developers need to know
 

Recently uploaded

Kwin - Trang Tải App Game Kwin68 Club Chính Thức
Kwin - Trang Tải App Game Kwin68 Club Chính ThứcKwin - Trang Tải App Game Kwin68 Club Chính Thức
Kwin - Trang Tải App Game Kwin68 Club Chính ThứcKwin68 Club
 
Uae-NO1 Amil Baba In Karachi Kala Jadu In Karachi Amil baba In Karachi Addres...
Uae-NO1 Amil Baba In Karachi Kala Jadu In Karachi Amil baba In Karachi Addres...Uae-NO1 Amil Baba In Karachi Kala Jadu In Karachi Amil baba In Karachi Addres...
Uae-NO1 Amil Baba In Karachi Kala Jadu In Karachi Amil baba In Karachi Addres...Amil baba
 
Computer Organization and Architecture 10th - William Stallings, Ch01.pdf
Computer Organization and Architecture 10th - William Stallings, Ch01.pdfComputer Organization and Architecture 10th - William Stallings, Ch01.pdf
Computer Organization and Architecture 10th - William Stallings, Ch01.pdfShahdAbdElsamea2
 
美国IUB学位证,印第安纳大学伯明顿分校毕业证书1:1制作
美国IUB学位证,印第安纳大学伯明顿分校毕业证书1:1制作美国IUB学位证,印第安纳大学伯明顿分校毕业证书1:1制作
美国IUB学位证,印第安纳大学伯明顿分校毕业证书1:1制作ss846v0c
 
AIMA_ch3_L2-complement.ppt kjekfkjekjfkjefkjefkjek
AIMA_ch3_L2-complement.ppt kjekfkjekjfkjefkjefkjekAIMA_ch3_L2-complement.ppt kjekfkjekjfkjefkjefkjek
AIMA_ch3_L2-complement.ppt kjekfkjekjfkjefkjefkjekpavan402055
 
Dubai Call Girls O525547819 Spring Break Fast Call Girls Dubai
Dubai Call Girls O525547819 Spring Break Fast Call Girls DubaiDubai Call Girls O525547819 Spring Break Fast Call Girls Dubai
Dubai Call Girls O525547819 Spring Break Fast Call Girls Dubaikojalkojal131
 
澳洲Deakin学位证,迪肯大学毕业证书1:1制作
澳洲Deakin学位证,迪肯大学毕业证书1:1制作澳洲Deakin学位证,迪肯大学毕业证书1:1制作
澳洲Deakin学位证,迪肯大学毕业证书1:1制作rpb5qxou
 
RBS学位证,鹿特丹商学院毕业证书1:1制作
RBS学位证,鹿特丹商学院毕业证书1:1制作RBS学位证,鹿特丹商学院毕业证书1:1制作
RBS学位证,鹿特丹商学院毕业证书1:1制作f3774p8b
 
NO1 Certified Black Magic Specialist Expert Amil baba in Uk England Northern ...
NO1 Certified Black Magic Specialist Expert Amil baba in Uk England Northern ...NO1 Certified Black Magic Specialist Expert Amil baba in Uk England Northern ...
NO1 Certified Black Magic Specialist Expert Amil baba in Uk England Northern ...Amil Baba Dawood bangali
 

Recently uploaded (9)

Kwin - Trang Tải App Game Kwin68 Club Chính Thức
Kwin - Trang Tải App Game Kwin68 Club Chính ThứcKwin - Trang Tải App Game Kwin68 Club Chính Thức
Kwin - Trang Tải App Game Kwin68 Club Chính Thức
 
Uae-NO1 Amil Baba In Karachi Kala Jadu In Karachi Amil baba In Karachi Addres...
Uae-NO1 Amil Baba In Karachi Kala Jadu In Karachi Amil baba In Karachi Addres...Uae-NO1 Amil Baba In Karachi Kala Jadu In Karachi Amil baba In Karachi Addres...
Uae-NO1 Amil Baba In Karachi Kala Jadu In Karachi Amil baba In Karachi Addres...
 
Computer Organization and Architecture 10th - William Stallings, Ch01.pdf
Computer Organization and Architecture 10th - William Stallings, Ch01.pdfComputer Organization and Architecture 10th - William Stallings, Ch01.pdf
Computer Organization and Architecture 10th - William Stallings, Ch01.pdf
 
美国IUB学位证,印第安纳大学伯明顿分校毕业证书1:1制作
美国IUB学位证,印第安纳大学伯明顿分校毕业证书1:1制作美国IUB学位证,印第安纳大学伯明顿分校毕业证书1:1制作
美国IUB学位证,印第安纳大学伯明顿分校毕业证书1:1制作
 
AIMA_ch3_L2-complement.ppt kjekfkjekjfkjefkjefkjek
AIMA_ch3_L2-complement.ppt kjekfkjekjfkjefkjefkjekAIMA_ch3_L2-complement.ppt kjekfkjekjfkjefkjefkjek
AIMA_ch3_L2-complement.ppt kjekfkjekjfkjefkjefkjek
 
Dubai Call Girls O525547819 Spring Break Fast Call Girls Dubai
Dubai Call Girls O525547819 Spring Break Fast Call Girls DubaiDubai Call Girls O525547819 Spring Break Fast Call Girls Dubai
Dubai Call Girls O525547819 Spring Break Fast Call Girls Dubai
 
澳洲Deakin学位证,迪肯大学毕业证书1:1制作
澳洲Deakin学位证,迪肯大学毕业证书1:1制作澳洲Deakin学位证,迪肯大学毕业证书1:1制作
澳洲Deakin学位证,迪肯大学毕业证书1:1制作
 
RBS学位证,鹿特丹商学院毕业证书1:1制作
RBS学位证,鹿特丹商学院毕业证书1:1制作RBS学位证,鹿特丹商学院毕业证书1:1制作
RBS学位证,鹿特丹商学院毕业证书1:1制作
 
NO1 Certified Black Magic Specialist Expert Amil baba in Uk England Northern ...
NO1 Certified Black Magic Specialist Expert Amil baba in Uk England Northern ...NO1 Certified Black Magic Specialist Expert Amil baba in Uk England Northern ...
NO1 Certified Black Magic Specialist Expert Amil baba in Uk England Northern ...
 

Building Secure Connected Devices with IoT Security Best Practices

Editor's Notes

  1. Mention that direct access to the device is protected by the gateway/firewall man in the middle - read/modify traffic replay - open door lock dns spoof - redirect to malicious server
  2. Talk about user-association challenges, TLS, authorized APIs OLA Money example
  3. From an attacker’s point of view, attack vector limited to being near each device and then exploiting the vulnerability
  4. From an attacker’s point of view, attack vector limited to being near each device and then exploiting the vulnerability